Ijraset Journal For Research in Applied Science and Engineering Technology

Abstract

Cryptography is the practice and study of techniques to secure communication in the presence of adversarial behavior. On the other hand, Network security is the set of rules and configurations designed to protect the integrity, confidentiality, and accessibility of computer networks and data using both software and hardware technologies. Cryptography and network security are used to protect network and data communication take place over wireless networks and data which is stored in our systems. Cryptography is a network security tactic that is used to protect enterprise information and communication from cyber threats through the use of codes(encryption) using techniques such as merging words with images, and other ways to hide information in storage or transit. In this paper, we discussed about cryptography process, security mechanism, security services, attacks, types of cryptography, Steganography.

Introduction

I. INTRODUCTION

During this pandemic, we all rely upon online for all our needs such as communication, sharing information, online shopping, net banking, work, storing personal information, etc… so we use the method called cryptography to secure the information that we share using a network. Network security is the protection of the access to files and directories in a computer network against hacking, misuse, and unauthorized changes to the system. Network security acts as insurance for the stored resources. An example of network security is an anti-virus system. There are three components of network security: hardware, software, and cloud services.     

The most common network vulnerabilities:

1. Improperly installed hardware or software
2. Operating systems or firmware that has not been updated
3. Misused hardware or software
4. Poor or a complete lack of physical security
5. Insecure passwords
6. Design flaws in a device’s operating system or the network

While a vulnerability does not guarantee that a hacker, can easily gain access to our network information. Cryptography is the branch of network security. Cryptography is origin from the Greek word Kryptos meaning hidden, Cryptography is an application of mathematical concepts and a set of rule-based calculations known as algorithms to convert messages in ways that make it hard to decode them. These algorithms are used for cryptographic key generation, digital signing, verification to protect data privacy, web browsing on the internet, and protect confidential transactions such as credit card and debit card transactions. 

II. CRYPTOGRAPHY PROCESS

1. Plain Text: The messages to be encoded is known as plain content or clear content.
2. Encryption: The way toward delivering cipher content is called encryption.
3. Cipher Text: The encoded message is called cipher content.  
4. Decryption: The procedure of recovering the plain content from the cipher content is called decoding.

An example of cryptography

1. Consider the message “RED RUM”
2. A message is converted into a numeric form according to some scheme. The easiest scheme is to let space=0, A = 1 , B=2,... Y = 25 and Z = 26 For example, the message "Red Rum" would become 18, 5, 4, 0, 18, 21, 13.
3. This data was placed into matrix form. The size of the matrix depends on the size of the encryption key. Let's say that our encryption matrix (encoding matrix) is a 2 * 2 matrix. Since I have seven pieces of data, I would place that into a 4 * 2 matrix and fill the last spot with a space to make the matrix complete. Let's call the original, unencrypted data matrix A 

III. SECURITY MECHANISMS

1. Encipherment
2. Access Control  
3. Notarization
4. Data Integrity
5. Authentication exchange
6. Bit stuffing
7. Digital Signature

IV. SECURITY SERVICES

The classification of security services are as   follows:

1. Confidentiality: Confidentiality means that only authorized individuals (the receiver) can view the sent information. The data being sent over the network can not be accessed by unauthorized individuals.
2. Integrity: Integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so. Modification includes writing, changing status, deleting, creating, and delaying or replaying transmitted messages.
3. Authentication: Authentication is the process of verifying the identity of a person or device. Identification phase provides a user identity to the security system. This identity is provided in the form of a user ID. A common example is entering a username and password when you log in to a website. 
4. Non Repudiation: Non-repudiation refers to the assurance that the owner of a signature key pair that was capable of generating an existing signature corresponding to certain data cannot convincingly deny having signed the data.
5. Access Control: Access control identifies users by verifying various login credentials, which can include usernames and passwords, PINs, biometric scans, and security tokens.
6. Availability: Availability guarantees that systems, applications, and data are available to users when they need them.

Conclusion

Today everything is on the internet, thus security plays a very vital role. The older techniques are easy to attack. So, to keep the data secure cryptography is very important to save our data from unauthorized users. The key should be very confidential only to the sender and the receiver. Cryptography is useful for clients for the encryption of information and confirmation of different clients. Some cryptographic algorithms are used in network security to provide secured communication.[6] Cryptography and network security is used in data communication over the internet to provide security.

References

[1] https://www.cgmoneta.com/cybersecurity#:~:text=Network%20Security%20is%20the%20pr otection,or%20from%20a%20private%20network. [2] https://www.irjet.net/archives/V7/i4/IRJET-V7I4585.pdf [3] https://www.geeksforgeeks.org/the-cia-triad-incryptography/#:~:text=Confidentiality%20means%20that%20only%20authorized,be%20acce ssed%20by%20unauthorized%20individuals. [4] https://en.wikipedia.org/wiki/Passive_attack#:~:text=For%20a%20release%20of%20messag e,contents%20of%20the%20transmitted%20data.&text=When%20the%20messages%20are %20exchanged,party%20may%20capture%20the%20messages. [5] https://en.wikipedia.org/wiki/Traffic_analysis#:~:text=Traffic%20analysis%20is%20the%20p rocess,when%20the%20messages%20are%20encrypted.&text=Advanced%20traffic%20anal ysis%20techniques%20may%20include%20various%20forms%20of%20social%20network%2.0analysis. [6] Krishnamoorthy, Dr, and S. Chidambaranathan. \\\"Clever Cardnovel Authentication Protocol (NAUP) in Multi-Computing Internet of Things Environs.\\\" (2017).

Copyright

Copyright © 2022 Madhur Anil Borate, Ajay Narayan Panhale, Vijay Narayan Panhale, Pranjali Gade, Dr. Sunita Jadhav. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.